E-mail, Feeds, 'n' Stuff

Saturday, October 16, 2010

What I get for being stupid

I recently subscribed for another year's "protection" from AVG, the outfit that makes the anti-virus software that I use on one of our computers. I hesitated to blow the $41.24, because AVG has a free product that works just fine on another of our computers. But I had purchased the pay version, and now it was expiring, and so I pulled the trigger.

Now I get the credit card bill, and guess what? AVG billed it from an address in farookin' Nicosia, Cyprus. And so of course the mobsters at Bank of America dinged me for another $1.23 "foreign transaction fee."

Oh, well. One thing's for sure: That's the last penny that AVG will ever see from me.

Yeah, AVG jumped the shark about a year ago. It was hogging the cpu and had tendrils everywhere. It was headed to Nortonville.... You can (should? must?) download from Norton a program which you burn to a disk which you boot from to scour all Norton residue from your system. When you have to deal with the bugs the exterminator dragged in you know it is time to change.

Malwarebytes was a pain to get started, but once running, no problems so far. YMMV

AVG is Czech, so you were probably looking at a foreign payment regardless of which country it charged through. It's decent AV. Not the greatest, but keeping on the best AV is a never-ending chase; the best changes every six months or so.

Best thing you an do in the windows world is get current on all patches and updates, not just for the OS but also for Adobe Reader and Flash. AV alone will NOT keep you safe.

Pat: Kaspersky is reputed to be very good. Don't fret that they're Russian; they know their stuff.

Zeb: Malwarebytes is excellent, but it is NOT an antivirus product. It is designed to work with, not replace, your current AV.

Montiglion: great advice for those users with discipline enough to use the vm for browsing *every* time. Most users don't.

Just FYI, even the best anti-virus stuff can't protect you from rootkits. They are impossible to detect, and, even if you could detect them, you simply cannot remove them.

In the US, banks/brokerages/etc offer us very little protection. Most banks in Europe offer you one-time password key fobs to be used in conjunction with your normal password. While PayPal offers this (for a fee), I don't know of any banks/brokerages in the US that do. That's a disgrace.

Check your brokerages. Fidelity guarantees to make you whole due to fraudulent activity. Vanguard, last I checked, does not. So if you have a rootkit tracking every keypress, and someone sells all your Vanguard 401k and shorts Apple... well, you're *&%# out of luck (unless the stock drops of course).

Personal bank accounts have some federal protection. Business bank accounts do not.

Some banks/brokerages do allow you to turn "off" all online access. (I know Vanguard does.)

As LC says, Ubuntu is a UNIX OS that you can install on a USB flash drive. You can then very simply change your bios to boot from USB (and failing that, boot to your Windows OS). This way, when you need to do sensitive stuff, just reboot and plug in the USB, and you have a totally clean means to access sensitive stuff.

(And it goes without saying that accessing any private information over a private WiFi network is just ASKING for trouble. Logging into bank/email at Starbucks or a Hotel wifi is just plain dumb. Best bet is to disable your home wifi completely.)

Well, another way to think of it... a home wifi is like having your own personal cell phone tower right in your own home! If there are health consequences to cell phone towers, they're going to be that much worse for always-on non-directional wifi systems! At least cell phone towers are directional to a phone in use.

I know what it does. But I bought it for a reason. I use it. I get a benefit out of it. If I disable it, I'm looking at endless screwing around with cables to get an internet connection. It's encrypted -- that will have to be good enough.

I also have wireless phones, over which I discuss all sorts of matters and sometimes give out sensitive information. I guess I'm not supposed to use those, either?

Separately, however, if one is concerned about residential cell phone towers, it makes sense to be equally concerned about, say, wireless phones (which nowadays are pretty resistant to tapping due to their swapping) and wireless networks... both of which are more localized, intense, and consistent in their ability to fry us with electromagnetic radiation.

Wow. A lot of paranoia. If the Fedz want to crack your private communications (and there are ways to even send encrypted emails) they will. That evil Clipper law allows it.

A well set-up firewall and well set-up anti-virus / malware system protects from most of the rest. One rec is to have a router front your network and then set up a firewall. Encrypt WiFi. And have one AV package and one malware package. That way if one piece of protection misses something the other will likely catch it. There are some performance hits for all of this.

Corporations give employees VPN to protect data accessed from open networks. Of course, you desktop/laptop still needs to be protected.

If you are really freaked and running servers, there's always Tripwire.

Draw a pentagram on the floor in front of the computer. Get a chicken and wave it back and forth before the machine, while muttering incantations. The paranoia level's gone into overdrive.

Buy a Mac! Disable WiFi. Boot from a Linux distro.

Yeesh.

I've been working with computers since the mid-1970's - back when a lot of them took up 3 walls of a good sized office. Back when "debugging" actually involved walking behind the units and removing moths.

Most home computers today have greater processing power than the wall-hoggers.

I've never had a computer virus. I thought I did, once, but it turned out to be just a poorly-written bit of code that ended up backing iterations of itself into the CMOS, which wiped out the settings, and - voila! - the system was dead. I woke up at 2 a.m. and reset the CMOS settings during boot, and everything was back. I removed the program (which was a file-splitter for large files) and subsequently located the offending lines of code.

LucsAdvo offers perhaps the best advice: small is good. A well set-up firewall and well set-up anti-virus / malware system protects from most of the rest.

And as he notes, use one antivirus and one malware program; what one misses, the other is likely to catch.

But the most important advice of all, which I've not seen mentioned as yet, is this:

Don't behave stupidly.

Do you visit Torrent sites? Great way to mess up your system. Like Pron? There's another. Don't do stuff like that, and you've reduced the odds of viral/malware infiltration by perhaps 95%.

You don't need to Buy A Mac. I like them, but it's a silly reason to buy one. I like Linux, as well - but I wouldn't run the OS as a means of "protection". On my network, there's a Mac, an ASUS running a flavor of Ubuntu Linux, one that runs SuSe Linux, one that runs Windows Vista, and two that run XP.

Sorry, max, but the "don't be stupid" advice is no longer relevant. Being stupid still makes things worse, but being smart is insufficient to be safe. Most of the infections I clean up come from advertisements served up on "safe" sites like msn.com. Google for "drive by download" to see how bad things are.

Get patched, get av, get malwarebytes, back up, and hope you stay lucky. It's an arms race, and the bad guys are winning.

Never seen the need to "upgrade" AVG. I've used it for YEARS and never had a problem. I have several 'protections' on my computer and VERY rarely has anything gotten into my system. As a self-confessed geek, yes, I don't really have a lot of faith in Microsoft, but I'm unwilling to pay what it costs for a MAC (plus I'm not sure it's the cat's meow that all the MAC users want us to think it is). No, I just got the 'time to update' ad on my computer this morning; stuck with the free version. When they start charging I've got at least two other programs that are very good that I'll switch to.

Road Work

Miles run year to date: 155
At this date last year: 241
Total run in 2015: 271
In 2014: 401
In 2013: 257
In 2012: 129
In 2011: 113
In 2010: 125
In 2009: 67
In 2008: 28
In 2007: 113
In 2006: 100
In 2005: 149
In 2004: 204
In 2003: 269